The discovery of a backdoor key to Windows may be one of the most
"devastating news" for a millions of Windows users. It is for
the first time in the history of computer security that such a gigantic
breach of trust has transpired.
While on the surface this issue was made to appear as an uproar that
cannot be verified really, but there is much too much of information which
has been uncovered to raise serious doubts about the security of any Windows
based computer system - Windows95, Windows98, Windows2000 or WindowsNT.
Whether the shifting and loss of various online resources
at Microsoft's websites has been coincidence, or part of a vain attempt to
control the information about this serious problem, cannot be said by anyone
not in direct control of those websites.
It all began when remarkable exhibits in the Windows standard drivers
used for security and encryption struck a chord in the minds of experts.
Things took shape further when at Crypto 98; Nicko van Someren a
British cryptography specialist found that Windows drivers when disassembled
contained two keys. Further Andrew Fernandes a leading scientist for security
software company Cryptonym, a Canadian software firm gave an open claim
that NSA (National security Agency) may have a key that could access the core
security for the windows operating systems. Andrew Fernandes also verified
the recently released NT server service pack 5 and found two keys named
_KEY" and "
Crypto'99 he spoke of the secrets behind the two keys.
While the Microsoft developers did not deny the presence of the
_NSAKEY" they also did not also explain satisfactorily
the purpose and anonymity of the key. They denied that
it belongs to the NSA, but gave excuses for the presence of this
fail over key that are difficult to believe.
Andrew Fernandes also asserted that the outcome of a the secret key
inside the Windows operating system could mean "that it is tremendously
easier for the NSA to load unauthorized security services on all copies of
Microsoft Windows, and once these security services are loaded, they can
effectively compromise your entire operating system". <URL: http://www.cryptonym.com>
The facilities protected by that key include most of the cryptographic security of the system.
Microsoft's explanation for this other key is that
he other key was a backup key meant for authentication of encrypted
components in the event of failure of the first key. (This
much is quite true.) Culp from Microsoft claims that
_NSAKEY" was colloquially used and is not shared
with any outside party including the NSA. What he failed
to explain is that this additional fail over key can be used or even
replaced with another key, without any security notifications on the
system of compromise. Once used or replaced, the entire hierarchy falls
like a tower of blocks. ActiveX may be actually signed by someone
other than the one claimed. Java applets, similarly. System libraries,
Sessions with otherwise secure Internet servers, Virtual Private
Networking - just about anything that has to do with security, that is
varified through the CryptoAPI can no longer be trusted.
While the discussions go
on -- the issue takes a different turn.
It is immaterial if Microsoft or the NSA or any other person has the actual second key!!!
Does it matter who has the second key as long as we know that there is a second key? And it would matter less if there were a few dozens keys more since if the water leaks from the barrel
through this one hole -- security is being
compromised -- and the number of holes would just add proportion to the risk.